SiliconANGLE: Cloud conundrum: The changing balance of microservices and monolithic applications

The cloud computing debate isn’t just about migrating to the cloud, but how the cloud app is constructed. Today’s landscape has gotten a lot more complicated, with virtual machines, cloud computing, microservices and containers. The modern developer has almost too many choices and has to balance the various tradeoffs among those architectures. I examine how to pick the right mix of cloud apps from a variety of tech, what I call the cloud conundrum in my latest analysis for SiliconANGLE.


Book review: Breaking Backbones Book 2 by Deb Radcliff

I have known Deb Radcliff as a B2B journalist colleague and now cyber fiction author for more than a decade. Her latest novel in the “Breaking Backbones” series can be read independent of the first volume, and is a sizzler taken directly from today’s cybersecurity news. We have mostly the same motley cast of characters of hackers, ne’er-do-wells, and tough dudes who are trying to mess up the world now that its central IT authority GlobeCom was taken down at the end of the first book. The various hacker clans are trying desperately to free a bunch of imprisoned programmers somewhere in Russia and stop the evil doers from unleashing their AI-based code on the world. In the meantime, there are plenty of drone attacks to manage, code to review, and personal scores to be settled. There is plenty of dystopia to be served up in its pages, and a great deal of verisimilitude thanks to Radcliff’s familiarity with the subject matter. Will her world be successful at freeing itself from digital enslavement by a crazy autocrat? Well, I won’t give away the ending, but it sure was fun reading about it.

SiliconANGLE: Fixing 25 years of email insecurity

I have been writing about email security for nearly 25 years (or more, depending on how you count things). Back in 1998, when Marshall Rose and I wrote our landmark book “Internet Messaging,” we said that the state of secure Internet email standards and products is best described as “a sucking chest wound.” We had the publisher print a blank page in the book to signify how bad email security was. Well, perhaps we are still the walking wounded, although at least today we have better tools.

Most recently, I wrote a piece for SiliconANGLE entitled, Fixing email security: It’s still a rocky road ahead. It begins:

The foundational protocols for making email more secure and less of a threat have been in place for almost a decade, yet they remain mostly unused, poorly implemented and largely ineffective. A recent report from Sendlayer shows just how much of a problem that is.

Book review: Visual Threat Intelligence by Thomas Roccia

Thomas Roccia has written an interesting book called Visual Threat Intelligence that is both unusual and informative for security researchers of all experience levels. He is a Senior Security Researcher at Microsoft’s Threat Intelligence group, and the founder and curator of, a database of malware evasion techniques.

Think of it as both a reference guide as well as a collection of carefully curated tools that can help infosec researchers get smarter about understanding potential threats (such as YARA, Sigma, and log analyzers) and the ways in which criminals use them to penetrate your networks.

For threat intel beginners, he describes the processes involved in breach investigation, how you gather information and vet it, and weigh various competing hypotheses to come up with what actually happened across your computing infrastructure. He then builds on these basics with lots of useful and practical methods, tools, and techniques.

One chapter goes into detail about the more notorious hacks of the past, including Stuxnet, the 2014 Sony hack, and WannaCry. There are timelines of what happened when, graphical representations of how the attack happened (such as the overview of the Shamoon attack shown here), mapping the attack to the diamond model (focusing on adversaries, infrastructure, capabilities, and victims) and a summary of the MITRE ATT&CK tactics. That is a lot of specific information that is presented in an easily readable manner. I have been writing about cybersecurity for many years and haven’t seen such a cogent collection in one place of these more infamous attacks.

Roccia also does a deeper dive into his own investigation of NotPetya for two weeks during the summer of 2017. “It was the first time in my career that I fully realized the wide-ranging impact of a cyberattack — not only on data but also on people,” he wrote.

The book’s appendix contains a long annotated list of various open source tools useful for threat intel analysts. I highly recommend the book if you are interested in learning more about the subject and are looking for a very practical guide that you can use in your own investigations.

SiliconANGLE: How the Mirai botnet continues to threaten business networks

One of the most powerful pieces of malware began with the efforts of three American teens who were motivated by playing “Minecraft” in 2014. Called Mirai, it would go on to crash Germany’s largest internet provider, knock Dyn’s Domain Name System servers offline and disrupt all of Liberia’s internet connections.

In my post for SiliconANGLE today, I discuss how Mirai exposed the soft underbelly of IoT security: devices often have hard-coded default passwords that make them easy to compromise and subsequently control in a DDoS attack. It is a hard problem to enumerate all of these devices, update them and change their default passwords where that’s even possible.

Book review: A Hacker’s Mind by Bruce Schneier

I have known Bruce Schneier for many years, and met him most recently just after he gave one of the keynotes at this year’s RSA show. The keynote extends his thoughts in his most recent book, A Hacker’s Mind, which he wrote last year and was published this past winter. (I reviewed some of his earlier works in a blog for Avast here.)

Even if you are new to Schneier, not interested in coding, and aren’t all that technical, you should read his book because he sets out how hacking works in our everyday lives.

He chronicles how hacks pervade our society. You will hear about the term Double Irish with a Dutch Sandwich (how Google and Apple and others have hacked and thus avoided paying US taxes), the exploits of the Pudding Guy (the person who hacked American Airlines’ frequent flyer system by purchasing thousands of pudding cups to obtain elite status), or when the St. Louis Browns baseball team hacked things by hiring a 3’7″ batter back in 1951. There are less celebrated hacks, such as when investment firm Goldman Sachs owned a quarter of the total US aluminum supply back in the 2010s to control its spot price. What was their hack? They moved it around several Chicago-area warehouses each day: the spot price depends on the time material is delivered. Clever, right?

Then there are numerous legislative and political hacks, such as the infamous voter literacy tests of the 1950s before the Civil Rights laws were passed. Schneier calls them “devilishly designed, selectively administered, and capriciously judged.”

“Our cognitive systems have also evolved over time,” he says, showing how they can be easily hacked, such as with agreements and contracts. This is because they can’t be made completely airtight, and we don’t really need that anyway: just the appearance of complete trust is usually enough for most purposes.

A good portion of his book concerns technology hacks, of course. He goes into details about how Facebook’s and YouTube’s algorithms are geared towards polarizing viewers, and the company not only knew this but specifically ignored the issue to optimize profits. The last chapters touch on AI issues, which he categorically says “will be used to hack us, and AI systems themselves will become the hackers” and find vulnerabilities in various social, economic and political systems. He makes a case for a hacking governance system that should be put in place — something which isn’t on the radar but should be.

“The more you can incorporate fundamental security principles into your systems design, the more secure you will be from hacking. Hacking is a balancing act. On the one hand, it is an engine of innovation. On the other, it subverts systems.” The trick is figuring out how to tip that balance.

Book review: The Revenge List

I liked the conceit of this murder mystery novel by Hannah Mary McKinnon entitled The Revenge List: The central character attends an anger-management support group and makes a list of people who have wronged her in the past and whom she should forgive. Trouble is, the list falls into the wrong hands and people start having grave accidents. The mystery is who is doing these dastardly deeds, and what does this have to do with the character’s flaws, which are many. The action takes place in and around Portland, Maine and the supporting cast is engaging and just quirky enough to sustain the plot points. It makes you question your own attitude towards forgiveness and how we resolve issues with our past connections. The family dynamics are also very true-to-life, which adds to the novel’s credibility and complexity. Highly recommended.

SiliconANGLE: Infostealers get more lethal

The class of malware called infostealers continues to evolve into a more lethal threat. These threats are software that can steal sensitive data from a victim’s computer, typically login details, browser cookies, saved credit cards and other financial information. Unfortunately, criminals continue to enhance this malware genre, and two new reports released this week document their latest efforts. I describe what is new and how to recognize this attack method in my latest post for SiliconANGLE.